DETAILED ACTION
Continued Examination Under 37 CFR 1.114 

1. A request for continued examination under 37 CFR 1.114, including the 
fee set forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since 
this application is eligible for continued examination under 37 CFR 1.114, and the fee 
set forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office 
action has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 
April 21, 2009 has been entered.

2. Applicant's response filed on April 21, 2009 has been fully considered. 
Claims 1, 7, 9, 15, and 20 have been amended. Claims 1, 3-9, 11-15, 17-20 and 22 are 
pending. 

Claim Rejections - 35 USC § 103 

3. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for 
all obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as 
set forth in section 102 of this title, if the differences between the subject matter sought to be 
patented and the prior art are such that the subject matter as a whole would have been obvious 
at the time the invention was made to a person having ordinary skill in the art to which said 
subject matter pertains. Patentability shall not be negatived by the manner in which the invention 
was made. 

4. Claims 1, 3-9, 11-15, 17-20 and 22 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over Chen et al. (U.S. Patent No. 7,069,439 B1), hereinafter "Chen",
in view of Nakayama et al. (U.S. Pub. No. 2004/0147251 A1), hereafter "Nakayama",
and further in view of Hino et al. (U.S. Pat. No. 7,424,611 B2), hereinafter "Hino".

Referring to claims 1, 7, 15, 20:
i. Chen teaches: 

A method, comprising: 

dynamically generating a first set of integrity information for a first 
processing system by generating said first set of integrity information for an application 
using a cryptographic algorithm, the first processing system comprising a first processor 
(see figure 5, elements 530 'generate digest', 570 'compare metrics'; column 4, line 59- 
column 5, line 2; column 8, lines 4-16; and column 11, lines 5-16 of Chen);

sending said first set of integrity information to a second processing 
system, the second processing system comprising a second processor (see figure 5, 
elements 535 'sign & return digest' of Chen); and 

generating an attestation value for said first processing system by 
said second processing system using said first set of integrity information and a 
dynamic attestation module connected to said second processing system prior to 
execution of said application by said first processing system (see column 11, lines 5-16,
'... compares the computed integrity metrics, which it extracts from the challenge
response, with the proper platform integrity metric, which it extracts from the certificate.';
and figure 5, element 590 'establish secure communication', of Chen, emphasis added). 

Chen discloses dynamic authentication of the platform and 
application (see column 8, lines 4-16, particularly "Other known processes, for example
virus checkers, will typically be in place to check that the operating system and
application program code has not been subverted", of Chen, emphasis added).
However, Chen does not specifically mention selecting an application from a plurality of 
applications. 

Chen discloses generating a set of integrity information for a
processing system during boot operation (see column 7, lines 19-21 'During the secure
boot process, the trusted device 24 acquires an integrity metric of the computing
platform 10.', of Chen). However, Chen does not specifically mention the processing
system that has completed trusted boot operation to verify integrity of an application 
prior to execution of the application. 

Chen discloses terminating the session by the trusted device in
case an error or failure occurs (see column 13, lines 30-31, of Chen). However,
Chen does not specifically mention disabling access by the processing system to a 
transceiver of the device. 

ii. Nakayama teaches a portable terminal wherein Nakayama 
discloses selecting an application from a plurality of applications (see figure 5, element 
222 'service identifier area' [i.e., a plurality of applications]; page 7, paragraph [0102], 
lines 9-12 "The service identifier area 222 stores identifiers of services (e.g., "0001", 
"0002", "0003",...) for which the corresponding value entities in the value entity area 221 
are used"; and paragraph [0098], lines 7-9 "or pull-type transmission in which the store 
server 30 transmits the application in response to an active transmission request from 
the portable terminal 20", of Nakayama). 

Nakayama further discloses the transceiver (see page 6, paragraph 
[0087], lines 7-10, of Nakayama). 

On the other hand, Hino teaches an authentication system wherein
Hino discloses the processing system that has completed trusted boot operation to
verify integrity of an application prior to execution of the application (see column 2, lines
5-11 'Authentication may be performed during any period when inoperativeness of
unauthenticated programs is guaranteed. Therefore, the authenticator accepting period 
is not limited to a boot period which will be described below. That is, authentication is 
not limited within a period starting from generation of a system reset, and not limited 
within a period ending at activation of an OS.'; and column 3, lines 37-59, of Hino, 
emphasis added). 

Hino further discloses hardware having a disabling and an
enabling functionality (see column 3, lines 60-63, of Hino).

iii. It would have been obvious to a person of ordinary skill in the art at
the time the invention was made to combine the teaching of Nakayama into the method 
of Chen to select an application from a plurality of applications for authentication. 

It would have been obvious to a person of ordinary skill in the art at 
the time the invention was made to combine the teaching of Hino into the method of 
Chen to use the processing system that has completed trusted boot operation to verify 
integrity of an application prior to execution of the application. 

iv. The ordinary skilled person would have been motivated to have 
applied the teaching of Nakayama into the system of Chen to select an application from 
a plurality of applications for authentication, because Chen teaches dynamic 
authentication of platform and applications (see column 8, lines 4-16 of Chen), and 
Nakayama teaches selecting an application from a plurality of applications (see ii
above). Therefore, Nakayama's teaching could enhance Chen's system by providing 
more flexibility. 

The ordinary skilled person would have been motivated to have 
applied the teaching of Hino into the system of Chen to use the processing system that 
has completed trusted boot operation to verify integrity of an application prior to 
execution of the application, because Chen teaches dynamic authentication of platform 
and applications (see column 8, lines 4-16 of Chen), and Hino teaches using the 
processing system that has completed trusted boot operation to verify integrity of an 
application prior to execution of the application. Therefore, Hino's teaching could 
enhance Chen's system by providing security. 
Referring to claims 3, 22:

Chen, Nakayama, and Hino teach the claimed subject matter: a method 
for performing dynamic attestation (see claim 1 above). Chen further discloses: 

retrieving a second set of integrity information for said first processing 
system (see column 11, lines 5-16, '... compares the computed integrity metrics, which it
extracts from the challenge response, with the proper platform integrity metric, which it
extracts from the certificate.', of Chen, emphasis added); 

comparing said first set of integrity information with said second set of
integrity information (see column 11, lines 5-16 of Chen); and

generating said attestation value in accordance with said comparison (see
column 11, lines 5-16 of Chen).
Referring to claim 4:

Chen, Nakayama, and Hino teach the claimed subject matter: a method 
for performing dynamic attestation (see claim 1 above). Chen further discloses the 
encryption key (see column 4, lines 56-58 of Chen). 
Referring to claims 5, 19:

Chen, Nakayama, and Hino teach the claimed subject matter: a method 
for performing dynamic attestation (see claim 1 above). Chen further discloses the 
authentication (see column 7, lines 21-26 of Chen). 
Referring to claim 6:

Chen, Nakayama, and Hino teach the claimed subject matter: a method 
for performing dynamic attestation (see claim 1 above). Chen further discloses the 
decryption (see column 7, lines 21-26 of Chen). 
Referring to claim 8:

Chen, Nakayama, and Hino teach the claimed subject matter: a method 
for performing dynamic attestation (see claim 7 above). Chen further discloses the first 
and the second process (see figure 5, 'trusted device', 'user' [i.e., smart card] of Chen). 
Referring to claim 17:

Chen, Nakayama, and Hino teach the claimed subject matter: a method 
for performing dynamic attestation (see claim 15 above). Chen further discloses 
retrieving a second set of integrity information (see column 11, lines 5-16 '...with the
proper platform integrity metric, which it extracts from the certificate.', of Chen).
Referring to claim 18:

Chen, Nakayama, and Hino teach the claimed subject matter: a method 
for performing dynamic attestation (see claim 15 above). Chen further discloses 
comparing the first set of integrity metric with the second set of integrity metric (see 
column 11, lines 5-16 'compares', of Chen). 
Referring to claim 9:
i. Chen teaches:

A method, comprising: 

a first processing comprising a plurality of applications and a first 
processor (see figure 5, elements 530, 535, 540; column 4, line 59-column 5, line 2; 
and column 11, lines 5-16 of Chen);

a second processing system to connect said first processing system,
said second processing system comprising a second processor (see figure 5, element
'user' [i.e., smart card] of Chen); and

a dynamic attestation module to connect to said first and second 
processing systems, said second processing system to perform dynamic attestation for 
one of said applications to be executed by said first processing system using said 
dynamic attestation module, wherein said dynamic attestation module comprises an 
integrity module to dynamically generate a first set of integrity information for said 
application by generating said first set of integrity information for said application using a 
cryptographic algorithm system prior to execution of said application by said first 
processing system (see column 11, lines 5-16, '... compares the computed integrity
metrics, which it extracts from the challenge response, with the proper platform integrity
metric, which it extracts from the certificate.'; and figure 5, element 590 'establish 
secure communication', of Chen, emphasis added). 

However, Chen does not specifically mention the antenna and the
transceiver.

Chen discloses dynamic authentication of the platform and 
application (see column 8, lines 4-16, particularly "Other known processes, for example
virus checkers, will typically be in place to check that the operating system and
application program code has not been subverted", of Chen, emphasis added).
However, Chen does not specifically mention selecting an application from a plurality of 
applications. 

Chen discloses generating a set of integrity information for a
processing system during boot operation (see column 7, lines 19-21 'During the secure
boot process, the trusted device 24 acquires an integrity metric of the computing
platform 10.', of Chen). However, Chen does not specifically mention the processing
system that has completed trusted boot operation to verify integrity of an application 
prior to execution of the application. 

Chen discloses terminating the session by the trusted device in
case an error or failure occurs (see column 13, lines 30-31, of Chen). However,
Chen does not specifically mention disabling access by the processing system to a 
transceiver of the device. 

ii. Nakayama teaches a portable terminal wherein Nakayama 
discloses the antenna and the transceiver for communicating with other servers (see 
figure 3, element 'A' [i.e., antenna]; and figure 11, elements 23 'application receiver', 
element 27 'value entity transmitter', of Nakayama). 

Nakayama further discloses selecting an application from a plurality 
of applications (see figure 5, element 222 'service identifier area' [i.e., a plurality of 
applications]; page 7, paragraph [0102], lines 9-12 "The service identifier area 222 
stores identifiers of services (e.g., "0001", "0002", "0003",...) for which the 
corresponding value entities in the value entity area 221 are used"; and paragraph 
[0098], lines 7-9 "or pull-type transmission in which the store server 30 transmits the 
application in response to an active transmission request from the portable terminal 20", 
of Nakayama). 

On the other hand, Hino teaches an authentication system wherein
Hino discloses the processing system that has completed trusted boot operation to
verify integrity of an application prior to execution of the application (see column 2, lines
5-11 'Authentication may be performed during any period when inoperativeness of
unauthenticated programs is guaranteed. Therefore, the authenticator accepting period 
is not limited to a boot period which will be described below. That is, authentication is 
not limited within a period starting from generation of a system reset, and not limited 
within a period ending at activation of an OS.'; and column 3, lines 37-59, of Hino, 
emphasis added). 

Hino further discloses hardware having a disabling and an
enabling functionality (see column 3, lines 60-63, of Hino).

iii. It would have been obvious to a person of ordinary skill in the art at
the time the invention was made to combine the teaching of Nakayama into the method 
of Chen to use an antenna and a transceiver for communicating with other servers. 

It would have been obvious to a person of ordinary skill in the art at 
the time the invention was made to combine the teaching of Nakayama into the method 
of Chen to select an application from a plurality of applications for authentication. 

It would have been obvious to a person of ordinary skill in the art at 
the time the invention was made to combine the teaching of Hino into the method of 
Chen to use the processing system that has completed trusted boot operation to verify 
integrity of an application prior to execution of the application. 

iv. The ordinary skilled person would have been motivated to have 
applied the teaching of Nakayama into the system of Chen to use an antenna and a 
transceiver, because Chen teaches a method for performing dynamic attestation via 
integrity metric (see claim 1 above), and Nakayama teaches utilizing integrity 
measurement in a portable terminal (see e.g. figure 11, element 20 'integrity 
measurement part' of Nakayama). Therefore, Nakayama's teaching could enhance 
Chen's teaching by expanding Chen's method for performing dynamic attestation into a 
portable device. 

The ordinary skilled person would have been motivated to have 
applied the teaching of Nakayama into the system of Chen to select an application from 
a plurality of applications for authentication, because Chen teaches dynamic 
authentication of platform and applications (see column 8, lines 4-16 of Chen), and 
Nakayama teaches selecting an application from a plurality of applications (see ii).
Therefore, Nakayama's teaching could enhance Chen's system by providing flexibility. 

The ordinary skilled person would have been motivated to have 
applied the teaching of Hino into the system of Chen to use the processing system that 
has completed trusted boot operation to verify integrity of an application prior to 
execution of the application, because Chen teaches dynamic authentication of platform 
and applications (see column 8, lines 4-16 of Chen), and Hino teaches using the 
processing system that has completed trusted boot operation to verify integrity of an
application prior to execution of the application. Therefore, Hino's teaching could
enhance Chen's system by providing security. 

Referring to claim 11:

Chen, Nakayama, and Hino teach the claimed subject matter: a method 
for performing dynamic attestation (see claim 9 above). They further disclose retrieving 
a second set of integrity information (see column 11, lines 5-16 '...with the proper 
platform integrity metric, which it extracts from the certificate.', of Chen).

Referring to claim 12:

Chen, Nakayama, and Hino teach the claimed subject matter: a method 
for performing dynamic attestation (see claim 9 above). They further disclose 
comparing the first set of integrity metric with the second set of integrity metric (see 
column 11, lines 5-16 'compares', of Chen).

Referring to claim 13:

Chen, Nakayama, and Hino teach the claimed subject matter: a method 
for performing dynamic attestation (see claim 9 above). They further disclose the 
authentication (see column 7, lines 21-26 of Chen). 

Referring to claim 14:

Chen, Nakayama, and Hino teach the claimed subject matter: a method 
for performing dynamic attestation (see claim 9 above). They further disclose disabling 
access (see column 3, lines 60-67, of Hino). 

Response to Arguments 

5. Applicant's arguments, filed on April 21, 2009, have been fully
considered but they are not persuasive. 

Applicant argues: 

"Applicant submits that they have been unable to locate any teaching in Chen 
directed to "communicating control signals, by the second processing system, to disable 
access by the first processing system to a transceiver of the device if the integrity of the
application is not verified" as required by amended independent claim 1. Therefore,
Chen fails to disclose, teach or suggest the missing language. Applicant submits that 
Nakayama and Hino also fail to disclose at least the above recited missing language." 
(see page 2, 1st paragraph)

Examiner maintains: 

Chen discloses "In step 770, if there is no response (for example, as a result of 
the logon smart card 19 having been removed) or the certificate is no longer valid for 
some reason (for example, the logon smart card has been replaced with a different 
smart card), the session is terminated by the trusted device 24 in step 775." (see 
column 13, lines 26-31, of Chen, emphasis added). Therefore, Chen discloses
terminating the session (process) if verification fails. However, Chen does not disclose
disabling the transceiver if verification fails.

Nakayama discloses the transceiver (see figure 3, element A [i.e., antenna];
figure 11, element 213 'transmitter', 21 'receiver', of Nakayama).

On the other hand, Hino discloses "Preferably, the program executing means has 
hardware, the hardware having a function of enabling and disabling transmission of an 
electric signal of the authenticator of the program executing means from the program 
executing means, and the hardware further enabling the program executing means to 
transmit the electric signal of the authenticator of the program executing means from the 
point of initial detection of a system reset signal." (see column 3, lines 60-67, of Hino, 
emphasis added). Therefore, Hino discloses hardware having enabling and
disabling functionalities.

Thus, the combination of references discloses disabling access by the first
processing system to a transceiver of the device if the integrity of the application is not
verified, as required by amended independent claim 1.

Conclusion

6. Any inquiry concerning this communication or earlier communications
from the examiner should be directed to Joseph Pan whose telephone number is 571- 
272-5987. 

If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, Kim Vu can be reached at 571-272-3859. The fax and phone 
numbers for the organization where this application or proceeding is assigned is 703- 
872-9306. 

Any inquiry of a general nature or relating to the status of this application 
or proceeding should be directed to the receptionist whose telephone number is 571- 
272-2100. 



/Joseph Pan/ 
Examiner, Art Unit 2435 
July 2, 2009 
/Kimyen Vu/ 

Supervisory Patent Examiner, Art Unit 2435 



